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DETAILED ACTION 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prbr art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 



1 . Claims 1 -4 and 6-1 6 are rejected under 35 U.S.C. 1 03(a) as being unpatentable 
over Sistanizadeh et al. U.S. Pat. No. 5,790,548 in view of Srisuresh et al. U.S. Pat. No. 
6,058,431 . 



2. As to claim 1 , Sistanizadeh et al. teach method, comprising: 

using the first binding to enable the client to contact the gateway and thereby setting 
up a first session between the client and the gateway (via DNS server; item 332, 330 
fig. 3; items 30 and 34; or 28 and 32; fig. 1 ); and 
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using the second binding to enable the gateway to contact the service provider and 
thereby setting up a second session between the client and the service provider, the 
second session being nested in the first session between the client and gateway such 
that second-session data is encapsulated in first-session data and is forwarded by the 
gateway between the client and service provider (via DNS server; item 346, 340, fig. 3; 
combination of items 36, 26 and 24; fig. 1 ; col. 8, line 65- col. 9, line 6). 

Sistanizadeh et al. do not teach service provider bound by a first binding to the 
address of the gateway on the external network and by a second binding to the address 
of the service provider on the private network. Srisuresh et al. teach service provider 
bound by a first binding to the address of the gateway on the external network and by a 
second binding to the address of the service provider on the private network (because 
of the features of network address translation or NAT; title, abstract; fig. 7; col. 2, lines 
7-19). However, it would have been obvious to one of ordinary skill in the art at the time 
of invention to combine the teachings of Sistanizadeh et al. and Srisuresh et al. 
because that would provide service providers to determine the addresses specific to the 
needs of their clients (col. 2, lines 54-59). 

3. As to claim 2, Sistanizadeh et al. teach method in which the first and second 
bindings are held on an external domain name server and private domain name server, 
respectively (items 332, 346; fig. 3). 
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4. As to claim 3, Sistanizadeh et al. teach method in which the first binding is held 
on an external domain name server, and the second binding comprises a first part held 
by an internal naming service of the gateway and mapping the virtual name to a real 
name of the service provider, and a second part held by the external domain server and 
mapping the real name of the service provider to its address on the private network (i.e. 
via internal DNSs; items 332 and 346, fig. 3; col. 6, lines 62- 67). 

5. As to claims 4, 12 and 13, Sistanizadeh et al. teach method in which the external 
network includes the internet (i.e. since connection via ISP; see fig. 3). 

6. As to claim 6, Sistanizadeh et al. teach method in which the first and second 
sessions are both secure sessions with their data being encrypted (see fig. 2, 3, 4A and 
4B; col. 11, lines 34-39). 

7. As to claim 7, Sistanizadeh et al. teach method, in which the client is on a second 
private network distinct from the private network of the service provider, a second 
gateway bridges the second private network and external network, and the client has a 
second virtual name that is bound by a third binding to the address of the second 
gateway on the external network and by a fourth binding to the address of the client on 
the second private network (items 28, 32 and 30, 34; fig. 1 ). 
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8. As to claim 8, Sistanizadeh et al. teach method, in which a second service 
provider on the second private network is able to communicate with an external network 
via a second gateway bridging the second private network and the external network, 
and the second service provider has a second virtual name that is bound by a third 
binding to the address of the second gateway on the external network and by a fourth 
binding to the address of the second service provider on the second private network 
(items 16, 18 and items 10 and 14; fig. 1; col. 11, lines 39-55). 

9. As to claim 9, Sistanizadeh et al. teach method, in which the external network 
includes a further private network containing the private network of the service provider 
and there is a further gateway bridging the further private network to the portion of the 
external network which is external to the further private network (any of the routers in 
cloud 49; fig. 1 ; cloud 10 and 14; fig. 2), and wherein the virtual name is bound by a 
third binding to a routing address of the further gateway on the portion of the external 
network which is external to the further private network (via DNS server in fig. 2, 3; fig. 
4Band 5). 
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10. As to claim 10, Sistanizadeh et al. teach method comprising: 

allocating a virtual name to the server (via DNS server; item 332, 330; fig. 3; item 
346, 340; fig. 3).; 

at said external client, using the virtual name to address a said first message and a 
said second message, the former encapsulation the latter (inherent because of name to 
address resolution; fig. 2 and 3); 

using the first mapping to route the first message, with its encapsulated second 
message, to the gateway (fig. 2 and 3; col. 8, line 65 - col. 9, line 6; ); and 

using the second mapping to route the second message extracted at the gateway 
from the first message, to the server (fig. 2 and 3; ; col. 8, line 65 - col. 9, line 6). 

Sistanizadeh et al. do not teach mapping the server by a first mapping to the routing 
address of the gateway on the external network and by a second mapping to the routing 
address of the server on the private network. Srisuresh et al. teach mapping the server 
by a first mapping to the routing address of the gateway on the external network and by 
a second mapping to the routing address of the server on the private network (because 
of the features of network address translation or NAT; title, abstract; fig. 7; col. 2, lines 
7-19). However, it would have been obvious to one of ordinary skill in the art at the time 
of invention to combine the teachings of Sistanizadeh et al. and Srisuresh et al. 
because that would provide service providers to determine the addresses specific to the 
needs of their clients (col. 2, lines 54-59). 
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11. As to claim 1 1 , Sistanizadeh et al. teach method in which said first messages are 
encrypted (inherent; see fig. 2, 3, 4A and 4B). 

12. As to claims 14, 15 and 16, Sistanizadeh et al. teach method in which the client 
and the service provider communicate by way of tunneled session via the gateway 
(since various types of connections; fig. 1,2,3, 4A and 4B). 
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Response to Argument 



1 3. Applicant's arguments with respect to claims 1 -1 6 have been considered but are 
moot in view of the new ground(s) of rejection. 

14. The examiner would like to point out new 103 (a) rejection by references 
Sistanizadeh et al. and Srisuresh et al. for the claims 1-4 and 6-16. Both of the 
references provide plurality of internal and external networks. Sistanizadeh et al. teach 
DNS resolutions for internal and external networks and Srisuresh et al. teach one of the 
well known features of networking "network address translation" or "NAT" which 
provides different addresses for the internal and external addresses; and keeps internal 
network(s) hidden from the external network(s). Further, the encapsulation method is 
also well known in the art of networking which includes routers/gateways, where 
multiple addresses are embedded/encapsulated in one packet till the packet reaches 
the destination address after passing through one or plurality of hops (intermediate 
addresses) from a source address. Router(s)/gateway(s) are taught both in 
Sistanizadeh et al. and Srisuresh et al. When one of ordinary skill in the art combines 
references Sistanizadeh et al. and Srisuresh et al.; it would obviously provide the 
claimed limitations of the applicant as set forth in claims 1 -4 and 6-1 6. Therefore, the 
examiner retained the rejection of the application. 
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1 5. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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1 6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Mohammad O. Farooq whose telephone number is 
(571) 272-4144. The examiner can normally be reached on 9:00am - 5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jeffrey A. Gaffin can be reached on (571 ) 272-4146. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Mohammad O. Farooq 
June 18, 2005 




